fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " GDPR "

UK’s Draft GDPR Implementation Law: The Starting Point

On September 13, the U.K. government introduced in Parliament the Data Protection Bill. The main aim of the bill is to implement the General Data Protection Regulation (EU) 2016/679 into U.K. domestic law. However, as perhaps reflected in the length and complexity of the bill, it is also intended to do several other things. This post outlines key observations on the structure and content of the bill.

Source: UK’s Draft GDPR Implementation Law: The Starting Point | HL Chronicle of Data Protection

CNIL Publishes GDPR Guidance for Data Processors

On September 29, 2017 the French Data Protection Authority (CNIL) published a guide for data processors to implement the new obligations set by the EU General Data Protection Regulation (“GDPR”). The guidance addresses the extended scope of the GDPR and the new and direct obligations data processors will have when the GDPR comes into force on May 25, 2018.

Source: CNIL Publishes GDPR Guidance for Data Processors

In defence of the new privacy experts

The growth in importance of privacy and data protection we have seen in recent years, which in Europe appears to be heading towards its climax as we approach the GDPR’s deadline date, has created a very fertile ground for ‘privacy experts’. They are everywhere: e-mailing you offers for their much-needed services, twitting incessantly as if the world was about to end and popping up in every possible corner of your LinkedIn feed. The noise that the new privacy experts are making seems truly deafening and dangerously hyped.

Source: In defence of the new privacy experts | LinkedIn

For everyone to benefit from technology, we need to ensure the free flow of information

Europe’s new General Data Protection Regulation (GDPR), which will take effect next May and which Microsoft supports, is a good example of the impact that privacy regulations can have.

Source: For everyone to benefit from technology, we need to ensure the free flow of information – Microsoft on the Issues

How to comply with provisions on joint controllers under the GDPR

The concept of joint controllers in EU law, in contrast to a distinction between controllers and processors, has not been seen thus far as particularly controversial nor widely discussed. However, it is now explicitly provisioned by the GDPR that joint controllers are two or more controllers that jointly determine the purposes and means of processing.

Source: How to comply with provisions on joint controllers under the GDPR

When is a vendor a processor?

Privacy professionals have been involving themselves in their organizations’ vendor management programs for a few years now. Indeed, according to the 2016 IAPP-EY Privacy Governance Survey, 70 percent of respondents (up from 63 percent in 2015) were involved in a formal vendor management program — and the numbers are just as strong in this year’s upcoming report.

Source: When is a vendor a processor?

Considerations for operationalizing data-subject rights under GDPR

The General Data Protection Regulation provides individuals with a variety of rights to enforce against organizations that are processing their personal data. These rights allow individuals to have control over, and place limits on, the collection, use and disclosure of their data.

Source: Considerations for operationalizing data-subject rights under GDPR

>